General
-
Target
a90f81f79cf29b19978b2c36e5ae8daad4a2e165f3e895cd0483dc9b7eacc8d5
-
Size
193KB
-
Sample
221123-3hav1ace25
-
MD5
45d72831bcdc9d581ac125b8212a6550
-
SHA1
853ff6eb0afcd3bb9af72431c6276149eea6830c
-
SHA256
a90f81f79cf29b19978b2c36e5ae8daad4a2e165f3e895cd0483dc9b7eacc8d5
-
SHA512
dbab39b0838ca1867462a60e8f90e0a09fe153d887718b0d2acdc7e905d844c239aa9de605b54640285bc88c8535878aee19b26657d8d5c0369a88073c762082
-
SSDEEP
3072:6zW+DiC9iLo+GnHS5GWp1icKAArDZz4N9GhbkrNEkQfH7YyrIXgXjCWBOb:FKwLo7kp0yN90QEffUXg
Static task
static1
Behavioral task
behavioral1
Sample
a90f81f79cf29b19978b2c36e5ae8daad4a2e165f3e895cd0483dc9b7eacc8d5.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
a90f81f79cf29b19978b2c36e5ae8daad4a2e165f3e895cd0483dc9b7eacc8d5.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-